  • C# 做外挂,常用API

    摘自网上供自己备查: http://blog.csdn.net/binbb521/article/details/5676134

    using System;
    using System.Collections.Generic;
    using System.Text;
    using System.Runtime.InteropServices;  //这个肯定要的  

    namespace WindowsApplication1
    {
        
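    /// <summary>
    /// P/Invoke declarations for the user32/kernel32 calls that find a window, resolve its owning
    /// process, open that process, and read, write, allocate, free or start a thread in its
    /// address space.
    /// </summary>
    /// <remarks>
    /// Review notes:
    /// <list type="bullet">
    /// <item>Every kernel32 call here is gated by the access mask granted by OpenProcess. Request the
    /// narrowest mask that works (for example only PROCESS_VM_READ for a read-only inspector) instead
    /// of an all-access mask.</item>
    /// <item>Overloads that pass handles, addresses or returned pointers as <c>int</c> are only
    /// correct in a 32-bit process; in a 64-bit process the value is truncated. They are kept for
    /// source compatibility. Prefer the <see cref="IntPtr"/> overloads.</item>
    /// <item>Handles returned by OpenProcess and CreateRemoteThread must be released with CloseHandle,
    /// ideally in a finally block.</item>
    /// <item>Cross-process memory writes and remote thread creation are commonly logged and blocked by
    /// endpoint-protection and anti-tamper software. Expect these calls to fail or raise alerts
    /// outside debugging and instrumentation scenarios.</item>
    /// </list>
    /// </remarks>
    class win32API
    {
        // ---- Process access rights (dwDesiredAccess of OpenProcess) ----

        // 0x1F0FFF (2035711): the pre-Vista PROCESS_ALL_ACCESS mask; newer SDKs define 0x1FFFFF.
        public const int OPEN_PROCESS_ALL = 0x1F0FFF;

        public const int PROCESS_CREATE_THREAD = 0x0002;

        public const int PROCESS_VM_OPERATION = 0x0008;

        // Fixed: was 256 (0x0100), which is PROCESS_SET_QUOTA and does not grant read access.
        public const int PROCESS_VM_READ = 0x0010;

        public const int PROCESS_VM_WRITE = 0x0020;

        // Same value as OPEN_PROCESS_ALL; private and not referenced inside this class.
        private const int PROCESS_ALL_ACCESS = 0x1F0FFF;

        // ---- Page protection and allocation flags ----

        public const int PAGE_READWRITE = 0x04;

        // Fixed: was 0x4, which is PAGE_READWRITE. Pages that are writable and executable at the
        // same time defeat W^X; prefer PAGE_READWRITE unless execution is really required.
        private const int PAGE_EXECUTE_READWRITE = 0x40;

        private const int MEM_COMMIT = 0x1000;

        private const int MEM_DECOMMIT = 0x4000;

        private const int MEM_RELEASE = 0x8000;

        // A HeapWalk entry flag (PROCESS_HEAP_ENTRY.wFlags), not an access right or a page
        // protection; no import in this class takes it.
        public const int PROCESS_HEAP_ENTRY_BUSY = 4;

        /// <summary>Finds a top-level window by class name and/or window title.</summary>
        /// <param name="lpClassName">Window class name, or null to match any class.</param>
        /// <param name="lpWindowName">Window title, or null to match any title.</param>
        /// <returns>The window handle, or <see cref="IntPtr.Zero"/> when nothing matches.</returns>
        [DllImport("User32.dll", EntryPoint = "FindWindow", SetLastError = true)]
        public static extern IntPtr FindWindow(
            string lpClassName,
            string lpWindowName);

        /// <summary>Gets the thread and process that created a window (32-bit handle form).</summary>
        /// <param name="hwnd">Window handle passed as an int; prefer the IntPtr overload.</param>
        /// <param name="lpdwProcessId">Receives the owning process id.</param>
        /// <returns>The id of the thread that created the window.</returns>
        [DllImport("USER32.DLL")]
        public static extern int GetWindowThreadProcessId(
            int hwnd,
            ref int lpdwProcessId);

        /// <summary>Gets the thread and process that created a window.</summary>
        /// <param name="hwnd">Window handle, for example from <see cref="FindWindow"/>.</param>
        /// <param name="lpdwProcessId">Receives the owning process id.</param>
        /// <returns>The id of the thread that created the window.</returns>
        [DllImport("USER32.DLL")]
        public static extern int GetWindowThreadProcessId(
            IntPtr hwnd,
            ref int lpdwProcessId);

        /// <summary>Opens a process handle (32-bit form: the handle is returned as an int).</summary>
        /// <param name="dwDesiredAccess">Access mask; request only the rights actually needed.</param>
        /// <param name="bInheritHandle">Non-zero to let child processes inherit the handle.</param>
        /// <param name="dwProcessId">Id of the process to open.</param>
        /// <returns>The handle, or 0 on failure (see Marshal.GetLastWin32Error).</returns>
        [DllImport("kernel32.dll", SetLastError = true)]
        public static extern int OpenProcess(
            int dwDesiredAccess,
            int bInheritHandle,
            int dwProcessId);

        /// <summary>Opens a process handle.</summary>
        /// <remarks>
        /// This overload is selected only when the access mask and process id arguments are typed
        /// <c>uint</c>; the <c>int</c> constants in this class bind to the int overload unless cast.
        /// </remarks>
        /// <param name="dwDesiredAccess">Access mask; request only the rights actually needed.</param>
        /// <param name="bInheritHandle">Non-zero to let child processes inherit the handle.</param>
        /// <param name="dwProcessId">Id of the process to open.</param>
        /// <returns>The handle, or <see cref="IntPtr.Zero"/> on failure.</returns>
        [DllImport("kernel32.dll", SetLastError = true)]
        public static extern IntPtr OpenProcess(
            uint dwDesiredAccess,
            int bInheritHandle,
            uint dwProcessId);

        /// <summary>Closes a handle obtained from OpenProcess or CreateRemoteThread.</summary>
        /// <param name="hObject">Handle as an int; only valid for handles from the int overloads.</param>
        /// <returns>Non-zero on success, zero on failure.</returns>
        [DllImport("kernel32.dll", EntryPoint = "CloseHandle", SetLastError = true)]
        public static extern int CloseHandle(
            int hObject);

        /// <summary>Copies bytes from another process into <paramref name="buffer"/>.</summary>
        /// <param name="hProcess">Process handle opened with PROCESS_VM_READ.</param>
        /// <param name="lpBaseAddress">Address to read from in the target process.</param>
        /// <param name="buffer">Destination; must hold at least <paramref name="size"/> bytes.</param>
        /// <param name="size">Number of bytes to read; never pass more than buffer.Length.</param>
        /// <param name="lpNumberOfBytesWritten">Receives the number of bytes actually read.</param>
        /// <returns>Non-zero on success, zero on failure.</returns>
        // The library name previously carried a trailing space ("Kernel32.dll "); it is removed
        // here so that loading does not depend on how the loader treats trailing blanks.
        [DllImport("Kernel32.dll", SetLastError = true)]
        public static extern int ReadProcessMemory(
            IntPtr hProcess,
            IntPtr lpBaseAddress,
            [In, Out] byte[] buffer,
            int size,
            out IntPtr lpNumberOfBytesWritten);

        /// <summary>Reads one int from another process (32-bit handle and address form).</summary>
        /// <param name="hProcess">Process handle as an int.</param>
        /// <param name="lpBaseAddress">Address to read from, as an int.</param>
        /// <param name="buffer">Receives the value; <paramref name="size"/> must not exceed 4.</param>
        /// <param name="size">Number of bytes to read.</param>
        /// <param name="lpNumberOfBytesWritten">
        /// Passed by value as the address of the byte counter; presumably callers pass 0 to skip it.
        /// </param>
        /// <returns>Non-zero on success, zero on failure.</returns>
        [DllImport("Kernel32.dll", SetLastError = true)]
        public static extern int ReadProcessMemory(
            int hProcess,
            int lpBaseAddress,
            ref int buffer,
            int size,
            int lpNumberOfBytesWritten);

        /// <summary>Copies bytes from another process (32-bit handle and address form).</summary>
        /// <param name="hProcess">Process handle as an int.</param>
        /// <param name="lpBaseAddress">Address to read from, as an int.</param>
        /// <param name="buffer">Destination; must hold at least <paramref name="size"/> bytes.</param>
        /// <param name="size">Number of bytes to read; never pass more than buffer.Length.</param>
        /// <param name="lpNumberOfBytesWritten">
        /// Passed by value as the address of the byte counter; presumably callers pass 0 to skip it.
        /// </param>
        /// <returns>Non-zero on success, zero on failure.</returns>
        [DllImport("Kernel32.dll", SetLastError = true)]
        public static extern int ReadProcessMemory(
            int hProcess,
            int lpBaseAddress,
            byte[] buffer,
            int size,
            int lpNumberOfBytesWritten);

        /// <summary>Copies bytes from <paramref name="buffer"/> into another process.</summary>
        /// <param name="hProcess">Handle opened with PROCESS_VM_WRITE and PROCESS_VM_OPERATION.</param>
        /// <param name="lpBaseAddress">Address to write to in the target process.</param>
        /// <param name="buffer">Source bytes.</param>
        /// <param name="size">Number of bytes to write; never pass more than buffer.Length.</param>
        /// <param name="lpNumberOfBytesWritten">Receives the number of bytes actually written.</param>
        /// <returns>Non-zero on success, zero on failure.</returns>
        [DllImport("kernel32.dll", SetLastError = true)]
        public static extern int WriteProcessMemory(
            IntPtr hProcess,
            IntPtr lpBaseAddress,
            [In, Out] byte[] buffer,
            int size,
            out IntPtr lpNumberOfBytesWritten);

        /// <summary>Copies bytes into another process (32-bit handle and address form).</summary>
        /// <param name="hProcess">Process handle as an int.</param>
        /// <param name="lpBaseAddress">Address to write to, as an int.</param>
        /// <param name="buffer">Source bytes.</param>
        /// <param name="size">Number of bytes to write; never pass more than buffer.Length.</param>
        /// <param name="lpNumberOfBytesWritten">
        /// Passed by value as the address of the byte counter; presumably callers pass 0 to skip it.
        /// </param>
        /// <returns>Non-zero on success, zero on failure.</returns>
        [DllImport("kernel32.dll", SetLastError = true)]
        public static extern int WriteProcessMemory(
            int hProcess,
            int lpBaseAddress,
            byte[] buffer,
            int size,
            int lpNumberOfBytesWritten);

        /// <summary>Starts a thread inside another process (32-bit form).</summary>
        /// <remarks>
        /// All pointer-sized arguments and the returned handle are ints, so this declaration is not
        /// usable from a 64-bit process. The returned thread handle must be closed by the caller.
        /// </remarks>
        /// <param name="hProcess">Handle of the process that will own the thread.</param>
        /// <param name="lpThreadAttributes">Security attributes pointer, or 0 for defaults.</param>
        /// <param name="dwStackSize">Initial stack size, or 0 for the default.</param>
        /// <param name="lpStartAddress">Address of the thread routine in the target process.</param>
        /// <param name="lpParameter">Value passed to the thread routine.</param>
        /// <param name="dwCreationFlags">Creation flags.</param>
        /// <param name="lpThreadId">Receives the new thread id.</param>
        /// <returns>The thread handle, or 0 on failure.</returns>
        [DllImport("kernel32", EntryPoint = "CreateRemoteThread", SetLastError = true)]
        public static extern int CreateRemoteThread(
            int hProcess,
            int lpThreadAttributes,
            int dwStackSize,
            int lpStartAddress,
            int lpParameter,
            int dwCreationFlags,
            ref int lpThreadId);

        /// <summary>Reserves or commits memory in another process.</summary>
        /// <remarks>
        /// NOTE(review): Win32 declares flAllocationType and flProtect as 32-bit DWORDs, while this
        /// overload marshals them as 16-bit values, and the returned address is narrowed to 32 bits.
        /// The signature is kept only so existing callers still compile.
        /// </remarks>
        /// <param name="hProcess">Process handle with PROCESS_VM_OPERATION.</param>
        /// <param name="lpAddress">Preferred address, or 0 to let the system choose.</param>
        /// <param name="dwSize">Size of the region in bytes.</param>
        /// <param name="flAllocationType">Allocation type, for example MEM_COMMIT.</param>
        /// <param name="flProtect">Page protection, for example PAGE_READWRITE.</param>
        /// <returns>Base address of the region, or 0 on failure.</returns>
        [DllImport("Kernel32.dll", SetLastError = true)]
        public static extern int VirtualAllocEx(
            IntPtr hProcess,
            int lpAddress,
            int dwSize,
            short flAllocationType,
            short flProtect);

        /// <summary>Reserves or commits memory in another process (32-bit form).</summary>
        /// <param name="hProcess">Process handle as an int.</param>
        /// <param name="lpAddress">Preferred address, or 0 to let the system choose.</param>
        /// <param name="dwSize">Size of the region in bytes.</param>
        /// <param name="flAllocationType">Allocation type, for example MEM_COMMIT.</param>
        /// <param name="flProtect">Page protection, for example PAGE_READWRITE.</param>
        /// <returns>Base address of the region, or 0 on failure.</returns>
        [DllImport("Kernel32.dll", SetLastError = true)]
        public static extern int VirtualAllocEx(
            int hProcess,
            int lpAddress,
            int dwSize,
            int flAllocationType,
            int flProtect);

        /// <summary>Decommits or releases memory allocated with VirtualAllocEx (32-bit form).</summary>
        /// <param name="hProcess">Process handle as an int.</param>
        /// <param name="lpAddress">Base address of the region.</param>
        /// <param name="dwSize">Size in bytes; Win32 requires 0 when releasing a whole region.</param>
        /// <param name="flAllocationType">Free type: MEM_DECOMMIT or MEM_RELEASE.</param>
        /// <returns>Non-zero on success, zero on failure.</returns>
        [DllImport("Kernel32.dll", SetLastError = true)]
        public static extern int VirtualFreeEx(
            int hProcess,
            int lpAddress,
            int dwSize,
            int flAllocationType);
    }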
    }

  • 原文地址:https://www.cnblogs.com/wuyifu/p/2864348.html